# Changelog — IRDB

This is the **project-wide** changelog for the IRDB stack as a whole — a high-level record of what shipped in each cut of the bundled `docker-compose` deployment. The `api` and `ui` containers are versioned independently and have their own changelogs:

- [`api/CHANGELOG.md`](./api/CHANGELOG.md)
- [`ui/CHANGELOG.md`](./ui/CHANGELOG.md)

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and the project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). Project-wide tags use the `v..` form so they don't collide with the per-component `api-v…` / `ui-v…` tags in this monorepo.

## [Unreleased]

## [0.9] — 2026-05-06

First public preview of the bundled stack. Everything specified in [`SPEC.md`](./SPEC.md) milestones M1–M14 is in place; the `0.9` cut is the integration milestone where `api` 1.0.0 and `ui` 1.0.0 have been shipped together, hardened against the `SEC_REVIEW` findings, and verified end-to-end via the demo seed flow. The remaining gap to a `1.0` project tag is operational rather than functional — exercising the stack against real reporters/consumers, finalising the upgrade story, and locking down the Compose defaults for production deployment.

### Highlights

- Self-hosted abuse-report ingestion + tailored, decay-weighted blocklist distribution as a Compose stack: `api` (Slim 4 / FrankenPHP JSON backend), `ui` (Slim 4 / FrankenPHP PHP+Twig BFF), and optional `mysql` and `scheduler` sidecars.
- Four-kind token model (`reporter`, `consumer`, `admin`, `service`) with SHA-256 hashing and a service-token + impersonation-header pattern between the UI BFF and the api.
- Reputation engine with linear and exponential decay, per-reporter trust weighting, manual blocks and allowlist evaluated at distribution time, and a 365-day hard cutoff.
- GeoIP enrichment with MaxMind GeoLite2 and IPinfo adapters, refreshed via an internal job.
- OIDC login (Microsoft Entra ID, authorization code + PKCE) plus a local admin form with Argon2id password validation.
- Full admin UI: dashboard, IPs, subnets/allowlist, policies, reporters, consumers, tokens, categories, audit log, and the settings page used to display this version.
- Public-endpoint audit emission with global + per-entity toggles so the high-volume `report.received` / `blocklist.requested` rows can be silenced without a container restart.
- Hardening pass against the `SEC_REVIEW` queue (F1–F74 at time of writing): security headers, secret scrubbing, request body caps, bounded caches, rate limiting on public endpoints.

### Container versions in this release

- `api` — 1.0.0 (see [api/CHANGELOG.md](./api/CHANGELOG.md))
- `ui` — 1.0.0 (see [ui/CHANGELOG.md](./ui/CHANGELOG.md))

[Unreleased]: https://github.com/your-org/irdb/compare/v0.9...HEAD
[0.9]: https://github.com/your-org/irdb/releases/tag/v0.9